PolarSSL Weak Signature Algorithm Negotiation

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote TLS server negotiates a weaker signature algorithm.

Description :

PolarSSL 1.3.8 does not properly negotiate the signature algorithm to
use, allowing remote attackers to conduct downgrade attacks.

This plugin offers the server a list of hash algorithms (SHA512, SHA384,
SHA256, SHA224, SHA1, and MD5) in descending order of preference, and
checks whether the server selects MD5.
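Added illustration of the check described above (not part of the Nessus plugin or of PolarSSL): it encodes the TLS 1.2 signature_algorithms extension in the client's preference order, parses it back, and classifies the SignatureAndHashAlgorithm the server returns in ServerKeyExchange. The registry values are from RFC 5246; the client list and the server responses are constructed sample data.

```python
import struct

# TLS 1.2 HashAlgorithm / SignatureAlgorithm values (RFC 5246, section 7.4.1.4.1)
HASH = {"none": 0, "md5": 1, "sha1": 2, "sha224": 3, "sha256": 4, "sha384": 5, "sha512": 6}
SIG = {"anonymous": 0, "rsa": 1, "dsa": 2, "ecdsa": 3}
HASH_NAME = {v: k for k, v in HASH.items()}
SIG_NAME = {v: k for k, v in SIG.items()}
SIGNATURE_ALGORITHMS_EXT = 13  # extension type number

# Constructed client preference list, in the descending order the plugin uses.
CLIENT_PREFERENCE = [(h, "rsa") for h in ("sha512", "sha384", "sha256", "sha224", "sha1", "md5")]


def build_signature_algorithms_ext(pairs):
    """Encode a full signature_algorithms extension (type, length, list) from (hash, sig) pairs."""
    body = b"".join(bytes([HASH[h], SIG[s]]) for h, s in pairs)
    supported = struct.pack("!H", len(body)) + body          # supported_signature_algorithms<2..2^16-2>
    return struct.pack("!HH", SIGNATURE_ALGORITHMS_EXT, len(supported)) + supported


def parse_signature_algorithms_ext(data):
    """Decode the extension back into (hash, sig) pairs, rejecting malformed lengths."""
    ext_type, ext_len = struct.unpack("!HH", data[:4])
    if ext_type != SIGNATURE_ALGORITHMS_EXT or ext_len != len(data) - 4:
        raise ValueError("not a well-formed signature_algorithms extension")
    (list_len,) = struct.unpack("!H", data[4:6])
    if list_len != ext_len - 2 or list_len % 2:
        raise ValueError("bad supported_signature_algorithms length")
    body = data[6:6 + list_len]
    return [(HASH_NAME[body[i]], SIG_NAME[body[i + 1]]) for i in range(0, list_len, 2)]


def assess_server_choice(offered, server_choice):
    """Classify the 2-byte SignatureAndHashAlgorithm a server echoes in ServerKeyExchange.

    Returns (chosen_pair, verdict): "md5-selected" is the condition the plugin reports,
    "not-offered" means the server ignored the client's list, "ok" otherwise.
    """
    chosen = (HASH_NAME.get(server_choice[0]), SIG_NAME.get(server_choice[1]))
    if chosen not in offered:
        return chosen, "not-offered"
    if chosen[0] == "md5":
        return chosen, "md5-selected"
    return chosen, "ok"


if __name__ == "__main__":
    ext = build_signature_algorithms_ext(CLIENT_PREFERENCE)
    print(ext.hex())
    print(assess_server_choice(CLIENT_PREFERENCE, b"\x01\x01"))  # (('md5', 'rsa'), 'md5-selected')
```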

See also :

https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released
https://bugzilla.redhat.com/show_bug.cgi?id=1159845

Solution :

Use a PolarSSL version other than 1.3.8.

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 4.3
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: General

Nessus Plugin ID: 80399

Bugtraq ID: 70902

CVE ID: CVE-2014-8627
